ID

VAR-201605-0349


CVE

CVE-2016-4501


TITLE

Environmental Systems Corporation 8832 Data Controller authentication bypass vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-002964

DESCRIPTION

Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors. Supplementary information: the vulnerability type has been identified as CWE-284: Improper Access Control (http://cwe.mitre.org/data/definitions/284.html). A third party may bypass authentication and change any settings. ESC 8832 is a web-based SCADA system from ESC Corporation of the United States. A security vulnerability exists in ESC 8832 3.02 and earlier. A remote attacker could exploit the vulnerability to make unauthorized configuration changes. 1. An authentication-bypass vulnerability 2. A privilege-escalation vulnerability. An attacker can exploit these issues to bypass the authentication mechanism and to gain elevated privileges on an affected application. This may aid in further attacks. The vulnerability is caused by the program not handling sessions correctly.

Trust: 2.7

sources: NVD: CVE-2016-4501 // JVNDB: JVNDB-2016-002964 // CNVD: CNVD-2016-03675 // BID: 90898 // IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808 // VULHUB: VHN-93320

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808 // CNVD: CNVD-2016-03675

AFFECTED PRODUCTS

vendor: envirosys, model: esc 8832 data controller, scope: lte, version: 3.02

Trust: 1.0

vendor: environmental, model: esc 8832 data controller, scope: lte, version: 3.02

Trust: 0.8

vendor: esc, model: -, scope: eq, version: 8832<=3.02

Trust: 0.6

vendor: envirosys, model: esc 8832 data controller, scope: eq, version: 3.02

Trust: 0.6

vendor: esc 8832 data controller, model: -, scope: eq, version: *

Trust: 0.2

sources: IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808 // CNVD: CNVD-2016-03675 // JVNDB: JVNDB-2016-002964 // CNNVD: CNNVD-201605-649 // NVD: CVE-2016-4501

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4501
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4501
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2016-03675
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201605-649
value: MEDIUM

Trust: 0.6

IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808
value: MEDIUM

Trust: 0.2

VULHUB: VHN-93320
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-4501
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-03675
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-93320
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4501
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808 // CNVD: CNVD-2016-03675 // VULHUB: VHN-93320 // JVNDB: JVNDB-2016-002964 // CNNVD: CNNVD-201605-649 // NVD: CVE-2016-4501

PROBLEMTYPE DATA

problemtype: CWE-284

Trust: 1.1

problemtype: CWE-Other

Trust: 0.8

sources: VULHUB: VHN-93320 // JVNDB: JVNDB-2016-002964 // NVD: CVE-2016-4501

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-649

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201605-649

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002964

PATCH

title: Top Page, url: http://www.envirosys.com/

Trust: 0.8

title: 46415: Environmental Systems Corporation Data Controller Authentication Bypass Vulnerability, url: https://tools.cisco.com/security/center/viewAlert.x?alertId=46415

Trust: 0.8

title: ESC 8832 is not authorized to patch vulnerabilities, url: https://www.cnvd.org.cn/patchInfo/show/76665

Trust: 0.6

title: ESC 8832 Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61959

Trust: 0.6

sources: CNVD: CNVD-2016-03675 // JVNDB: JVNDB-2016-002964 // CNNVD: CNNVD-201605-649

EXTERNAL IDS

db: NVD, id: CVE-2016-4501

Trust: 3.6

db: ICS CERT, id: ICSA-16-147-01

Trust: 3.1

db: CNNVD, id: CNNVD-201605-649

Trust: 0.9

db: CNVD, id: CNVD-2016-03675

Trust: 0.8

db: JVNDB, id: JVNDB-2016-002964

Trust: 0.8

db: BID, id: 90898

Trust: 0.3

db: IVD, id: 4D3CC405-6675-4E6B-801B-53CCA2AD5808

Trust: 0.2

db: VULHUB, id: VHN-93320

Trust: 0.1

sources: IVD: 4d3cc405-6675-4e6b-801b-53cca2ad5808 // CNVD: CNVD-2016-03675 // VULHUB: VHN-93320 // BID: 90898 // JVNDB: JVNDB-2016-002964 // CNNVD: CNNVD-201605-649 // NVD: CVE-2016-4501

REFERENCES

url: https://ics-cert.us-cert.gov/advisories/icsa-16-147-01

Trust: 3.1

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4501

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4501

Trust: 0.8

sources: CNVD: CNVD-2016-03675 // VULHUB: VHN-93320 // JVNDB: JVNDB-2016-002964 // CNNVD: CNNVD-201605-649 // NVD: CVE-2016-4501

CREDITS

Maxim Rupp and Balazs Makany.

Trust: 0.3

sources: BID: 90898

SOURCES

db: IVD, id: 4d3cc405-6675-4e6b-801b-53cca2ad5808
db: CNVD, id: CNVD-2016-03675
db: VULHUB, id: VHN-93320
db: BID, id: 90898
db: JVNDB, id: JVNDB-2016-002964
db: CNNVD, id: CNNVD-201605-649
db: NVD, id: CVE-2016-4501

LAST UPDATE DATE

2025-04-12T23:22:09.143000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2016-03675, date: 2016-05-30T00:00:00
db: VULHUB, id: VHN-93320, date: 2016-06-07T00:00:00
db: BID, id: 90898, date: 2016-05-26T00:00:00
db: JVNDB, id: JVNDB-2016-002964, date: 2016-06-02T00:00:00
db: CNNVD, id: CNNVD-201605-649, date: 2016-06-01T00:00:00
db: NVD, id: CVE-2016-4501, date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: IVD, id: 4d3cc405-6675-4e6b-801b-53cca2ad5808, date: 2016-05-30T00:00:00
db: CNVD, id: CNVD-2016-03675, date: 2016-05-30T00:00:00
db: VULHUB, id: VHN-93320, date: 2016-05-31T00:00:00
db: BID, id: 90898, date: 2016-05-26T00:00:00
db: JVNDB, id: JVNDB-2016-002964, date: 2016-06-02T00:00:00
db: CNNVD, id: CNNVD-201605-649, date: 2016-05-27T00:00:00
db: NVD, id: CVE-2016-4501, date: 2016-05-31T01:59:08.337